File Upload uses first period to determine extension

[MarcDerhammer]

New Issue Checklist

• I am not disclosing a vulnerability.
• I am not just asking a question.
• I have searched through existing issues.
• I can reproduce the issue with the latest version of Parse Server.

Issue Description

Uploading file names that contain periods before the extension causes the file extension validation to fail. For example, I can upload some file like file.png.html which should be blocked, but the extension is detected as .png.

Steps to reproduce

1. Upload a file called file.png.html
2. File uploads successfully but should have been stopped

Actual Outcome

File upload success

Expected Outcome

Request should have been rejected for File upload of extension html is disabled

Environment

Server

• Parse Server version: 6.2.2
• Operating system: MacOS
• Local or remote host (AWS, Azure, Google Cloud, Heroku, Digital Ocean, etc): Local

Database

• System (MongoDB or Postgres): MongoDB
• Database version: 4.4
• Local or remote host (MongoDB Atlas, mLab, AWS, Azure, Google Cloud, etc): Local

Client

• SDK (iOS, Android, JavaScript, PHP, Unity, etc): Android
• SDK version: 4.2.0

Logs

Instead of first index of ., should it check for last index of . in the FilesRouter.js ?

[parse-github-assistant]

Thanks for opening this issue!

• 🚀 You can help us to fix this issue faster by opening a pull request with a failing test. See our Contribution Guide for how to make a pull request, or read our New Contributor's Guide if this is your first time contributing.

[parseplatformorg]

🎉 This change has been released in version 6.4.0-alpha.3

[parseplatformorg]

🎉 This change has been released in version 6.5.0-beta.1

[parseplatformorg]

🎉 This change has been released in version 6.5.0-alpha.1

[parseplatformorg]

🎉 This change has been released in version 6.5.0

[parseplatformorg]

🎉 This change has been released in version 7.0.0